Subrata Banik has submitted this change. ( https://review.coreboot.org/c/coreboot/+/79769?usp=email )
Change subject: vendorcode/google/chromeos: Use unsigned int for "factory_config" ......................................................................
vendorcode/google/chromeos: Use unsigned int for "factory_config"
This patch ensures `chromeos_get_factory_config()` returns an unsigned integer value because factory config represents bit-fields to determine the Chromebook Plus branding.
Additionally, introduced safety measures to catch future "factory_config" bit-field exhaustion.
BUG=b:317880956 TEST=Able to verify that google/screebo is branded as Chromebook Plus.
Change-Id: I3021b8646de4750b4c8e2a2981f42500894fa2d0 Signed-off-by: Subrata Banik subratabanik@google.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/79769 Reviewed-by: Kapil Porwal kapilporwal@google.com Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Eric Lai ericllai@google.com Reviewed-by: Julius Werner jwerner@chromium.org --- M src/vendorcode/google/chromeos/chromeos.h M src/vendorcode/google/chromeos/tpm_factory_config.c 2 files changed, 15 insertions(+), 10 deletions(-)
Approvals: Eric Lai: Looks good to me, approved Julius Werner: Looks good to me, approved Kapil Porwal: Looks good to me, approved build bot (Jenkins): Verified
diff --git a/src/vendorcode/google/chromeos/chromeos.h b/src/vendorcode/google/chromeos/chromeos.h index 0c5e4f7..a4315c3 100644 --- a/src/vendorcode/google/chromeos/chromeos.h +++ b/src/vendorcode/google/chromeos/chromeos.h @@ -17,6 +17,8 @@ static inline void reboot_from_watchdog(void) { return; } #endif /* CONFIG_CHROMEOS */
+#define UNDEFINED_FACTORY_CONFIG ~((uint64_t)0) + /** * Perform any platform specific actions required prior to resetting the Cr50. * Defined as weak function in cr50_enable_update.c @@ -29,9 +31,9 @@ /* * The factory config space is a one-time programmable info page. * For the unprovisioned one, the read will be 0x0. - * Return `-1` in case of error. + * Return "UNDEFINED_FACTORY_CONFIG" in case of error. */ -int64_t chromeos_get_factory_config(void); +uint64_t chromeos_get_factory_config(void); /* * Determines whether a ChromeOS device is branded as a Chromebook Plus * based on specific bit flags: diff --git a/src/vendorcode/google/chromeos/tpm_factory_config.c b/src/vendorcode/google/chromeos/tpm_factory_config.c index 4f8801a..44fb9f0 100644 --- a/src/vendorcode/google/chromeos/tpm_factory_config.c +++ b/src/vendorcode/google/chromeos/tpm_factory_config.c @@ -1,5 +1,6 @@ /* SPDX-License-Identifier: GPL-2.0-only */
+#include <assert.h> #include <console/console.h> #include <security/tpm/tss.h> #include <types.h> @@ -9,11 +10,11 @@ #define CHROMEBOOK_PLUS_SOFT_BRANDED BIT(0) #define CHROMEBOOK_PLUS_DEVICE (CHROMEBOOK_PLUS_HARD_BRANDED | CHROMEBOOK_PLUS_SOFT_BRANDED)
-int64_t chromeos_get_factory_config(void) +uint64_t chromeos_get_factory_config(void) { - static int64_t factory_config = -1; + static uint64_t factory_config = UNDEFINED_FACTORY_CONFIG;
- if (factory_config >= 0) + if (factory_config != UNDEFINED_FACTORY_CONFIG) return factory_config;
/* Initialize TPM driver. */ @@ -21,17 +22,19 @@ if (rc != TPM_SUCCESS) { printk(BIOS_ERR, "%s:%d - tlcl_lib_init() failed: %#x\n", __func__, __LINE__, rc); - return -1; + return UNDEFINED_FACTORY_CONFIG; }
- rc = tlcl_cr50_get_factory_config((uint64_t *)&factory_config); + rc = tlcl_cr50_get_factory_config(&factory_config);
if (rc != TPM_SUCCESS) { printk(BIOS_ERR, "%s:%d - tlcl_cr50_get_factory_config() failed: %#x\n", __func__, __LINE__, rc); - return -1; + return UNDEFINED_FACTORY_CONFIG; }
+ assert(factory_config != UNDEFINED_FACTORY_CONFIG); + return factory_config; }
@@ -48,9 +51,9 @@ */ bool chromeos_device_branded_plus(void) { - int64_t factory_config = chromeos_get_factory_config(); + uint64_t factory_config = chromeos_get_factory_config();
- if (factory_config < 0) + if (factory_config == UNDEFINED_FACTORY_CONFIG) return false;
return factory_config & CHROMEBOOK_PLUS_DEVICE;